Frequently Asked Questions Auditor

Transcription

1 Frequently Asked Questions Auditor 1. What is Confirmfast Communications Private Limited? Confirmfast is a tool to upgrade the process of seeking and providing confirmations to an Online Platform. The purpose of these confirmations is to obtain evidence from Banks and other third parties about declarations made by a reporting entity in it s financial statements. 2. How do electronic confirmations framework prove better as compared to manual confirmations? Easy and time saving The current manual process takes weeks and sometimes months to elicit a response that not only is time consuming but also requires too much of paperwork. Authorization Client can ensure that only the authorize personnel can provide access to the auditor to generate confirmations. Also, they can set a validity for auditors to generate of confirmations within 1, 7, 15, or 30 days. Secure Client is well informed that only the auditor has access to the confirmation request and response. Confirm Fast processes the confirmations electronically through its user driven and flexible system architecture that allows simple integration into multiple platforms in order to make this process significantly faster, easier and more secure.

2 3. How does Confirmfast.com work? Confirmfast.com is a secure digital platform through which auditor can work with their clients and get these bank confirmations online: Step 1: Auditor registers himself and his firm on Confirmfast.com. Step 2: Auditor adds the Client on his dashboard and assigns a Client Administrator who will authorize the auditor to raise confirmations. Further, the auditor will add the Client s Bank Account Details: Bank Name, Account Number and Type of Account Step 3: Client Administrator receives an automated verification from Confirmfast.com and gets registered with Confirmfast Communications Pvt. Ltd. Step 4: The Client Administrator selects the validity period during which the Auditor needs to raise the confirmations. Later, the Client Administrator views the Bank Accounts added by the Auditor and is redirected to a secure Bank s Open Financial Exchange where the client enters the Login ID and Login Password (Not his Transaction ID / Transaction Password / Transaction OTP). Please note, that these details are entered on the Bank s Open Financial Exchange window and not on Confirmfast.

3 Step 5: After the Account is linked by the Client Administrator, the Auditor will receive an automated from Confirmfast.com that he can proceed with raising of electronic confirmations. Step 6: Auditor generates the electronic confirmations and downloads the Final Balance Confirmation Report, thus ending the Confirmation Audit Process. Estimated time for completion of Electronic Confirmation Process 2-3 days Estimated time for completion of Manual Confirmation Process days 4. Why does client need to provide the Banking Login ID and Login Password for confirmations? Confirmfast.com provides bank confirmations to auditors through bank feeds received from Bank s Open Financial Exchange Server. Such Server can be accessed only through authentication of user by the bank, which is possible by entering your Login User ID and Login Password. Please note, your Login ID and Login Password will not be stored by Confirmfast Communications Private Limited. Confirmfast.com complies with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 as set forth by the Ministry of Electronics and Information Technology regarding the collection, use and retention of Sensitive personal data or information of a person. To learn more about the Rules, please visit To learn more about how Confirmfast complies with the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 Refer to Annexure A under Privacy Policy Section on our portal or go over the given link

4 5. How does Confirmfast.com verify identity of the authorized person / client administrator? The client administrator is identified by the auditor on job, once the authorized person / client administrator is assigned at Confirmfast.com, the temporary password will be shared only with the assigned ID. Further, the assigned authorized person / client administrator will be required to sign (electronic signature impressions / digital signatures) to ensure his approval of auditor s request, which can be later verified by the auditor. 6. Can the Auditor or Confirmfast Communications Pvt. Ltd. post any transaction from the Client s Bank Account? No, since Confirmfast Communications Pvt. Ltd. will not have any access to Client s Login ID or Password, neither Confirmfast nor the Auditor can view or post any transaction from Client s Bank Account. Confirmfast s bank feeds are completely read-only. It is not possible for Confirmfast to transfer, move, or do anything else with the bank accounts aside from fetching your balance and displaying them to the auditor in form of a Balance Confirmation Letter. Also, client only needs to enter its Login ID and Login Password in order to access the highly secured Bank Open Financial Exchange server. The transaction password is not required and will be safe with the client. 7. How does Confirmfast answers / mitigates risks associated with Manual Confirmations? The risks can be categorized as systematic and unsystematic risks. Systematic Risks The risks arising within the system processes is known as systematic risks. The risks are ascertainable, and the system checks can be put in place to curb the exposure of the same.

5 Unsystematic Risks - The risks arising out of the system processes is known as unsystematic risks. Such risks are ascertainable to an extent, however due to uncertainty and less chance of probability we can ignore such risks. Such risks are present is both the systems. Risks Manual Confirmation Online Confirmation Forgery No/Delayed Response Address Error Identity Error Document Editing Authenticity Probability of forged confirmation document is high. The forgery can be done at various levels Due to over-occupancy of work sometime bankers are unable to respond timely Address to which confirmations are sent / received by auditor can be invalid / manipulated Identity of Person providing the confirmation cannot be verified Auditor cannot be sure that the response received from the bank has not been edited Upon non-receipt of confirmation letter, the auditor follows up with bank over . The authenticity of the cannot be verified. In the digital confirmation process, the risk is reduced significantly as the auditor directly gets back the requested balance from the server. Confirmfast is taking the response from the bank's open financial exchange. The process is automated, and no response can only be in a situation of technical glitch, probability of which is very remote Since the confirmations are provided through bank s open financial exchange online directly to auditor's dashboard, such risk is diluted Since the confirmations are provided online from bank server, locating the identity of person is not required and response is always from bank Only one copy of the response is received from the bank feed & made available to the auditor instantly on his dashboard. As soon as the report is downloaded, a non-editable pdf is shared on auditor s registered address for subsequent reference. Confirmations once requested are followed up by confirmfast automatically, therefore eliminating the need of follow up over s.

6 8. Will the audit evidence provided by Confirmfast.com be sufficient at a Peer Review? peer review is an examination and review of the systems and procedures to determine whether they have been put in place by the practice unit for ensuring the quality of attestation services as envisaged and implied/mandated by the Technical Standards. ICAI The corroborative audit evidence provided by Confirmfast.com meets the criterion listed under SA 500 Audit Evidence SA 505 External Confirmations Refer to our document Summary of SA 500 & SA 505 to understand how we meet the conditions of each of the relevant Paras mentioned there. Accordingly, since Confirmfast helps audit firms in enhancing their compliance of Technical Standards, Peer Review considerations are well met through the evidence collected using Confirmfast.